VIR Vulnerability Intelligence Relay

CVE-2015-8521

critical
Published 2016-04-05 · Modified 2026-05-06
CVSS v3
9.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2
7.5
VIR risk
9.8

Description

Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8520, and CVE-2015-8522.

Predictions

Exploit likelihood
97%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg21975536

Application impact
VendorProductVersionsFixed
ibm ibmtivoli_storage_manager_fastback5.5.0
ibm ibmtivoli_storage_manager_fastback6.1.0
ibm ibmtivoli_storage_manager_fastback6.1.0.1
ibm ibmtivoli_storage_manager_fastback6.1.1
ibm ibmtivoli_storage_manager_fastback6.1.1.0
ibm ibmtivoli_storage_manager_fastback6.1.2
ibm ibmtivoli_storage_manager_fastback6.1.2.0
ibm ibmtivoli_storage_manager_fastback6.1.3
ibm ibmtivoli_storage_manager_fastback6.1.3.0
ibm ibmtivoli_storage_manager_fastback6.1.4
ibm ibmtivoli_storage_manager_fastback6.1.4.0
ibm ibmtivoli_storage_manager_fastback6.1.5
ibm ibmtivoli_storage_manager_fastback6.1.5.0
ibm ibmtivoli_storage_manager_fastback6.1.5.2
ibm ibmtivoli_storage_manager_fastback6.1.6
ibm ibmtivoli_storage_manager_fastback6.1.6.0
ibm ibmtivoli_storage_manager_fastback6.1.6.1
ibm ibmtivoli_storage_manager_fastback6.1.6.2
ibm ibmtivoli_storage_manager_fastback6.1.7
ibm ibmtivoli_storage_manager_fastback6.1.7.0
ibm ibmtivoli_storage_manager_fastback6.1.7.1
ibm ibmtivoli_storage_manager_fastback6.1.7.2
ibm ibmtivoli_storage_manager_fastback6.1.8
ibm ibmtivoli_storage_manager_fastback6.1.8.0
ibm ibmtivoli_storage_manager_fastback6.1.9
ibm ibmtivoli_storage_manager_fastback6.1.9.0
ibm ibmtivoli_storage_manager_fastback6.1.9.1
ibm ibmtivoli_storage_manager_fastback6.1.10
ibm ibmtivoli_storage_manager_fastback6.1.10.0
ibm ibmtivoli_storage_manager_fastback6.1.10.1
ibm ibmtivoli_storage_manager_fastback6.1.11
ibm ibmtivoli_storage_manager_fastback6.1.11.0
ibm ibmtivoli_storage_manager_fastback6.1.11.1
ibm ibmtivoli_storage_manager_fastback6.1.12
ibm ibmtivoli_storage_manager_fastback6.1.12.1

References

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.